Our first observation of an attempted attack related to this campaign dates back to November 2015, although Symantec telemetry data indicates that the campaign may have already existed in early 2015 or perhaps even earlier. Although approximately half of the attacks focus on the US, other targeted regions include China, Japan, Southeast Asia, and the United Kingdom. While most of the interest still lies in the public sector, more recent attacks were found targeting the following industries:Īccording to Symantec telemetry, targeted organizations are located in dispersed regions. However, the group has since expanded its focus to include a broader range of industries. Two security companies, Cymmetria and Kaspersky, each recently released reports on the campaign, most of which are in line with our observations.Īs other researchers observed, Patchwork originally targeted governments and government-related organizations. Symantec Security Response has been actively monitoring Patchwork, also known as Dropping Elephant, which uses Chinese-themed content as bait to compromise its targets’ networks. ![]() Our research into the group found that it’s been attacking a broad range of industries-including aviation, broadcasting, and finance-to drop back door Trojans. ![]() ![]() ![]() The Patchwork attack group has been targeting more than just government-associated organizations.
0 Comments
Leave a Reply. |